f9e4aaf6f4ba3596abe3a286248e38fd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f9e4aaf6f4ba3596abe3a286248e38fd_JaffaCakes118
Size

216KB
MD5

f9e4aaf6f4ba3596abe3a286248e38fd
SHA1

8895f532931d7533796b3d08c749bcea80a51c33
SHA256

a18a77b676f60fe5a13da5919a2b0fa0e0d525b181a55bf65609d619e515a186
SHA512

b04fc3ee6e400f0a6fbae5d2937357216704e7a095b748314c9b3276d1d5b5220baebd287b84f80e838ff511dbe4edd5af3495bfee09c4f93a5b63064ec44e43
SSDEEP

3072:CFZE8pfj0zA1zre6g/diwvyorlmvjhPv2DaO/vuIXVxinH0oSptT:CFZTpf3xrV+iwvy312DjuIXCnHeDT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9e4aaf6f4ba3596abe3a286248e38fd_JaffaCakes118

Files

f9e4aaf6f4ba3596abe3a286248e38fd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a028c22e66301dff487f90e3e3144600

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

newdev

UpdateDriverForPlugAndPlayDevicesW

kernel32

GetStartupInfoW
ExitProcess
RtlUnwind
TerminateProcess
HeapFree
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetStringTypeA
GetStringTypeW
SetStdHandle
GetACP
GetOEMCP
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
SetErrorMode
GetProcessVersion
SetLastError
WritePrivateProfileStringW
GlobalFlags
lstrcmpiW
MulDiv
lstrcpynW
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GetModuleHandleA
LoadLibraryA
FreeLibrary
GlobalAddAtomW
GlobalFindAtomW
lstrcpyW
GetModuleHandleW
GetProcAddress
GlobalUnlock
GlobalFree
LockResource
FindResourceW
LoadResource
CloseHandle
MultiByteToWideChar
lstrlenA
InterlockedDecrement
InterlockedIncrement
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
WideCharToMultiByte
GetCurrentThread
GetCurrentThreadId
GetFileAttributesW
SetFileAttributesW
GetModuleFileNameW
FormatMessageW
LocalFree
GetLastError
GetVersion
GetWindowsDirectoryW
lstrlenW
lstrcatW
FindFirstFileW
lstrcmpW
FindNextFileW
DeleteFileW
FindClose
GetEnvironmentVariableA

user32

TabbedTextOutW
DrawTextW
GrayStringW
LoadStringW
LoadCursorW
GetSysColorBrush
DestroyMenu
GetClassNameW
LoadIconW
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
AdjustWindowRectEx
GetTopWindow
GetCapture
WinHelpW
wsprintfW
GetClassInfoW
RegisterClassW
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
DefWindowProcW
CreateWindowExW
SetPropW
UnhookWindowsHookEx
CallWindowProcW
RemovePropW
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
RegisterWindowMessageW
SystemParametersInfoW
IsIconic
GetWindowPlacement
GetWindowRect
SetFocus
ShowWindow
SetWindowPos
SetWindowLongW
GetDlgCtrlID
GetWindowTextLengthW
SetWindowTextW
IsDialogMessageW
UnregisterClassW
SendDlgItemMessageW
CopyRect
GetClientRect
GetDC
ReleaseDC
EndDialog
SetActiveWindow
IsWindow
GetSystemMetrics
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageW
TranslateMessage
DispatchMessageW
ClientToScreen
GetPropW
PtInRect
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageW
GetCursorPos
SetWindowsHookExW
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongW
SetCursor
PostMessageW
PostQuitMessage
EnableWindow
SendMessageW
SetTimer
GetDesktopWindow
GetWindow
GetWindowTextW
MessageBoxW

gdi32

GetDeviceCaps
PtVisible
RectVisible
TextOutW
OffsetViewportOrgEx
ExtTextOutW
Escape
SetViewportOrgEx
SetMapMode
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
CreateBitmap
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject
GetObjectW
SetBkColor
SetTextColor
GetClipBox
SetViewportExtEx

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegCloseKey

comctl32

ord17

setupapi

SetupDiGetClassDevsW
SetupDiGetDeviceInstallParamsW
SetupDiRemoveDevice
SetupDiCallClassInstaller
SetupDiCreateDeviceInfoW
SetupDiSetDeviceRegistryPropertyW
SetupDiCreateDeviceInfoList
SetupCloseInfFile
SetupFindNextLine
SetupFindFirstLineW
SetupOpenInfFileW
SetupGetStringFieldW
SetupPromptReboot
CM_Reenumerate_DevNode
CM_Locate_DevNodeW
SetupGetFieldCount
SetupDiClassGuidsFromNameW
SetupDiGetINFClassW
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyW
SetupDiEnumDeviceInfo
SetupGetTargetPathW

Sections

.text
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a028c22e66301dff487f90e3e3144600

Headers

File Characteristics

Imports

newdev

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

setupapi

Sections

.text Size: 92KB - Virtual size: 90KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 20KB - Virtual size: 35KB

.rsrc Size: 76KB - Virtual size: 76KB

.text
Size: 92KB - Virtual size: 90KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 20KB - Virtual size: 35KB

.rsrc
Size: 76KB - Virtual size: 76KB